Is Private Internet Access injecting their own Google cert?

[vicken]

I noticed something really strange happen today. I'm getting an invalid certificate warning ("This certificate is not valid (host name mismatch") while sending email through Google's smtp server. I decided to disconnect from PIA and send the email and, low and behold, no certificate warning. I reconnected to PIA, tried to send a test email, and got the warning again.

Anyone else notice this? I've noticed this happen several times in the past, but I didn't pay much attention to it. The cert in question is for mx.google.com

[ammmir]

would you mind providing some details, such as, the hostname you're using (mx.google.com doesn't resolve), the exact error message, and if possible, the certificate chain you're seeing?

we absolutely are not injecting any certificates or otherwise modifying or inspecting traffic.

(disclaimer: i am an employee of PIA)

[vicken]

Sure thing, I snapped a shot of the error window when it popped up: http://imgur.com/y5tQbTn

I was connected to the US East server at the time.

[dangrossman]

> low and behold

It's "lo and behold". Lo is short for look (archaically loke).

[sharth]

What is "Private Internet Access"?

[wlkr]

A VPN service, https://www.privateinternetaccess.com/